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REMARKS 

Claims 1 through 1 9 have been cancelled and replaced with new claims 20 through 3 1 
to more particularly point out and distinctly claim embodiments of the invention. No new 
matter has been added. 

For example, consider claim 20, which recites a storage engine that includes "a 
storage engine, the storage engine being configured to generate a secure session key and to 
receive encrypted content and a corresponding encrypted content key from a host system, 
wherein the content key has been encrypted by the host system using the secure session key, 
the storage engine being further configured to decrypt the encrypted content key using the 
secure session key and to encrypt the decrypted content key with a first storage engine 
encryption key and to write the storage-engine-encrypted content key to the storage 
medium." Support for such a storage engine limitation may be seen, for example, from 
Figure 6 and the corresponding discussion in the specification on page 29, line 29 through 
page 30, line 1 1 and also in Figures 5 A and 5C and the corresponding discussion in the 
specification on page 29, line 10 through 29. As shown in Figure 6, a host (element 606) 
must provide a certificate having a public key to the storage engine (element 604), The 
storage engine generates a secure session key that is encrypted using the host's public key. 
Thus, the host can only recover the secure session key if it has the private key corresponding 
to its public key. Having recovered the secure session key, the host is thus authenticated to 
the storage engine. Then, the host may provide encrypted content and the corresponding 
content key(s) to the storage engine so that the storage engine may write the encrypted 
content to its storage medium. But in the claimed embodiment of the invention, the storage 
engine does not just write the encrypted content and key(s) to the medium. Instead, as 
described in page 29, the storage engine may doubly encrypt the encrypted content and 
encrypt the content key(s) as well. This may be done using a key known only to the engine 
as described in page 15, line 8. Thus, should a hacker at the host somehow gain access to the 
Storage medium, this hacker cannot decrypt the encrypted content. 

The Ginter reference (2002/0112171 Al) does not disclose or teach such an 
advantageous storage engine. Accordingly, claim 20 is patentable over the art of record. 

Because claims 21 through 29 depend either directly or indirectly upon claim 20, they 
are patentable for at least the same reasons. Claims 2 1 and 22 are supported as discussed 
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above with respect to Figure 6. Claim 23 is supported by the double encryption discussion 
on page 29. Claims 24 and 25 are supported by the DES key discussion on page 22, lines 17 
through 28. Claims 26 and 27 are supported by the optical disk discussion on page 17, lines 
21 through 30. Claim 28 is supported by the elliptic curve cryptography discussion on page 
28, lines 18 through 20. Claim 29 is supported by Figure 6 as discussed above. 

Claim 30 is a method claim corresponding analogously to the apparatus claim of 
claim 20 and is thus patentable over the prior art and supported as discussed with respect to 
claim 20, Because claim 3 1 depends upon claim 30, it is patentable for at least the same 



For the above reasons, pending claims 20 through 31 are in condition for allowance 
and allowance of the application is hereby solicited. If the Examiner has any questions or 
concerns, a telephone call to the undersigned at (949) 752-7040 is welcomed and 
encouraged 
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reasons. 



CONCLUSION 
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